Daniel Cid

213 posts

Daniel B. Cid is Founder of Sucuri and the VP of Engineering for the GoDaddy Security Products group. He is also the founder of OSSEC and CleanBrowsing. You can find more about Daniel on his site dcid.me or on Twitter: @danielcid

New Brute Force Attacks Exploiting XMLRPC in WordPress

Daniel Cid
July 24, 2014

Brute force attacks against WordPress have always been very common. In fact, Brute Force attacks against any CMS these days is a common occurrence, what…

Read the Post

MailPoet Vulnerability Exploited in the Wild – Breaking Thousands of WordPress Sites

Daniel Cid
July 23, 2014

A few weeks ago we found and disclosed a serious vulnerability on the MailPoet WordPress Plugin. We urged everyone to upgrade their sites immediately due…

Read the Post

SQL Injection Vulnerability – vBulletin 5.x

Daniel Cid
July 17, 2014

The vBulletin team just released a security patch for vBulletin 5.0.4, 5.0.5, 5.1.0, 5.1.1, and 5.1.2 to address a SQL injection vulnerability on the member…

Read the Post

Website Malware – Mobile Redirect to BaDoink Porn App

Daniel Cid
July 9, 2014

A few weeks ago we reported that we were seeing a huge increase in the number of websites compromised with a hidden redirection to pornographic…

Read the Post

Ask Sucuri: Who is Logging into My WordPress Site?

Daniel Cid
July 3, 2014

Today, we’re going to revisit our Q&A series. If you have any questions about malware, blacklisting, or security in general, send them to us at:…

Read the Post

Remote File Upload Vulnerability in WordPress MailPoet Plugin (wysija-newsletters)

Daniel Cid
July 1, 2014

Marc-Alexandre Montpas, from our research team, found a serious security vulnerability in the MailPoet WordPress plugin. This bug allows an attacker to upload any file…

Read the Post

TimThumb WebShot Code Execution Exploit (Zeroday)

Daniel Cid
June 25, 2014

If you are still using Timthumb after the serious vulnerability that was found on it last year, you have one more reason to be concerned.…

Read the Post

Spam Hack Targets WordPress Core Install Directories

Daniel Cid
June 24, 2014

Do you run your website on WordPress? Have you checked the integrity of your core install lately for SPAM like “Google Pharmacy” stores or other…

Read the Post

CloudProxy + SPDY = A Faster Website

Daniel Cid
June 12, 2014

Our Website Firewall already protects and speeds up over 1,000 websites. Now, it’ll be even faster. We’re happy to announce that we just added support…

Read the Post

Website Firewall Update – Introducing 2FA and More

Daniel Cid
June 6, 2014

Today we are launching the new and improved Protected Page capability in our Website Firewall. It allows for a simple (1-click) activation of secondary authentication…

Read the Post

BaDoink Website Redirect – Malicious Redirections to Porn Websites on Mobile Devices

Daniel Cid
May 26, 2014

The past week has brought about a large number of cases where compromised websites had hidden redirections to porn injected into their code. All the…

Read the Post